Ensure GDPR compliance by auditing user activity and AD changes

The EU formed the General Data Protection Regulation (GDPR) to resolve the biggest concern organizations have today: data privacy. Organizations that have already met various other compliance mandates, such as PCI DSS, HIPAA, and ISO 27001, may still find it difficult to comply with all of the GDPR's requirements. Spanning 11 chapters and 99 articles, this compliance mandate:

Contains specific regulations to give individuals more control over their personal information.

Includes a privacy assessment for a wide range of personal data (name, email, IP address, cookies, radio-frequency identification, and more).

Requires enterprises to educate their IT professionals on how to handle, store, and process clients' personal data, as well as auditing policies.

From May 25, 2018, the GDPR will replace the EU's existing Data Protection Directive. Organizations now need to reform their security strategies and adopt technical measures so they can comply with this mandate and avoid huge non-compliance penalties (up to €20 million or four percent of the organization's global annual turn over).

What technical measures do I have to adopt to comply with the GDPR?

The GDPR insists on adopting technical measures to:

Ensure the integrity, confidentiality, availability, and resilience of data processing systems and services.

Restore availability and access to personal data in case of a technical incident.

Report data breaches within 72 hours.

To meet the above requirements, you should deploy a security solution that monitors access and activity on the servers where personal data is stored, and promptly detects any breaches (unauthorized access and modifications to personal data; privilege abuse; and deletion of personal data).

Ensure the personal data on your servers is secure with ADAudit Plus

If you store personal data in files and folders that reside in a Windows file server, ADAudit Plus is the perfect solution to help you protect your data. The solution comes with prepackaged reports that provide a complete audit trail of:

User access (including logons/logoffs and logon failures)

User session activity

This information will help you ensure that only specified users get access to or perform operations on personal data.

Account lockouts, including when the user got locked out, from which device, and their logon history.

Auditing this information helps flag anomalous activity, which can help you stop a brute-force attack in its tracks.

Internal attack detection: Monitoring the indicators of internal threats is just as important as detecting external attacks. Auditing user activity, especially privileged user account access and activity, helps you detect anomalies with respect to user behavior so you can prevent accidental or intentional data breaches originating from within your network. ADAudit Plus tracks the following critical security events to help detect potential threats:

Users logged into multiple computers

Administrator logon activity

Backdoor account detection: If a hacker wants to sneak data out of your network, they might try to do it using a backdoor account. A backdoor attack occurs when an attacker creates and adds privileges to a user account in the network to perform file/folder operations or escalate privileges. This allows them to steal data without a trace.

ADAudit Plus can promptly detect this kind of attack with its real-time alerts module. Detect backdoor account creation instantly and stop breaches before they occur using the following predefined alert profiles:

Modified admin groups

Members added to privileged groups

New user creation

Domain policy changes

GPO changes

ADAudit Plus Trusted By

A single pane of glass for complete Active Directory Auditing and Reporting